<?php
/**
 * Controller is the customized base controller class.
 * All controller classes for this application should extend from this base class.
 */
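class Controller extends CController
{
	/**
	 * @var string the default layout for the controller view. Defaults to '//layouts/column1',
	 * meaning using a single column layout. See 'protected/views/layouts/column1.php'.
	 */
	public $layout='//layouts/column1';
	/**
	 * @var array context menu items. This property will be assigned to {@link CMenu::items}.
	 */
	public $menu=array();
	/**
	 * @var array the breadcrumbs of the current page. The value of this property will
	 * be assigned to {@link CBreadcrumbs::links}. Please refer to {@link CBreadcrumbs::links}
	 * for more details on how to specify this property.
	 */
	public $breadcrumbs=array();

    /**
     * @var User|null ActiveRecord of the logged-in user, loaded in {@link init()}.
     * Stays null for guests and when no row matches the session's user id.
     */
    public $userData;

    /**
     * @var string section identifier. Not read or written inside this class;
     * presumably consumed by views or layouts -- confirm against callers.
     */
    public $section = "";

    /**
     * Loads the ActiveRecord of the authenticated user into {@link $userData}.
     *
     * The session's user id is used as the username for the lookup, and it is
     * passed as a bound parameter rather than concatenated into the condition.
     */
    public function init()
    {
        parent::init();

        if (!Yii::app()->user->isGuest) {
            $this->userData = User::model()->find('username=?', array(Yii::app()->user->id));
        }
    }

    /**
     * Authorization guard: returns normally when the current user may proceed,
     * throws otherwise. It only protects an action that calls it before doing
     * any work; it is not registered as a filter by this class.
     *
     * Rules:
     *  - no roles and no users given: everybody (guests included) may proceed;
     *  - otherwise the user must be authenticated and either hold one of the
     *    given roles or be one of the given usernames.
     *
     * @param array $roles allowed values of the user's user_role_id
     * @param array $users allowed usernames
     * @throws CHttpException 403 when a restriction is given and the current
     * user is a guest, has no user record, or matches neither list
     */
    public function allowUsers($roles=array(), $users=array())
    {
        $restrictByRole = ($roles != array());
        $restrictByUser = ($users != array());

        // Nothing to enforce: the action is open to everybody.
        if (!$restrictByRole && !$restrictByUser) {
            return;
        }

        $denied = 'You don\'t have the permission to view this content';

        // Fail closed. A restriction was requested, so a missing user record
        // (guest, or a session whose user row no longer exists) must not pass.
        if ($this->userData === null) {
            throw new CHttpException(403, $denied);
        }

        $username = (string) $this->userData->username;
        $userrole = $this->userData->user_role_id;

        // NOTE(review): this bypass is keyed on a literal username, not on a role.
        // It is only as strong as the guarantee that no other account can hold
        // that name; the uniqueness/registration rules are outside this file.
        if ($username === 'superadmin') {
            return;
        }

        // Compare as strings with strict in_array(): loose comparison treats
        // numeric-looking values as equal ("0123" == "123", "1e3" == "1000"),
        // which would let one account satisfy a rule written for another.
        // Casting both sides keeps a database value "1" matching a configured 1.
        $roleAllowed = $restrictByRole
            && $userrole !== null
            && in_array((string) $userrole, array_map('strval', (array) $roles), true);

        $userAllowed = $restrictByUser
            && in_array($username, array_map('strval', (array) $users), true);

        if (!$roleAllowed && !$userAllowed) {
            throw new CHttpException(403, $denied);
        }
    }

}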